As announce in October 2022, Microsoft are continuing to roll out their enforcement of MFA to their users. At the same time, they have also begun to change the application to show a 2-digit number or the location of the authentication attempt in the application.
Number matching in Microsoft Authenticator MFA experience
To prevent accidental approvals and defend against MFA attacks, admins can require users to enter the number displayed on the sign-in screen when approving an MFA request in Authenticator.
Additional context in Microsoft Authenticator approval requests
Another way to reduce accidental approvals is to show users additional context in Authenticator notifications. Admins can now selectively choose to enable the following:
- Application context: Show users which application they’re signing into.
- Location context: Show users their sign-in location based on the IP address of the device they’re signing into.
Microsoft advise that they are continuing to improve the Microsoft Authenticator app to prevent users MFA fatigue and allowing access to 3rd parties who may compromise the clients data or email.
If you would like to discuss setting up the MFA app on your devices please contact us.